
24 matches found

NVD
added 2025/05/07 4:15 p.m. · 15 views

CVE-2024-47619

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

7.5 CVSS · 0.00301 EPSS
Exploits 1 · References 5

AlpineLinux
added 2025/05/07 3:12 p.m. · 9 views

CVE-2024-47619

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

7.5 CVSS · 7.3 AI score · 0.00301 EPSS
Exploits 1 · References 5

Positive Technologies
added 2025/05/07 12:0 a.m. · 11 views

PT-2025-20232 · Syslog-Ng +1

Name of the Vulnerable Software and Affected Versions: syslog-ng versions prior to 4.8.2; syslog-ng version 3.28.1-2+deb11u2 and earlier for Debian 11 bullseye. Description: syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls wildcard match matches on certificates such as foo.*.bar...

7.5 CVSS · 7.1 AI score · 0.00301 EPSS
Exploits 1 · References 26

RedHat Linux
added 2023/11/02 4:9 p.m. · 66 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...

5.9 CVSS · 7 AI score · 0.06208 EPSS
Exploits 1 · References 3

RedHat Linux
added 2023/10/10 3:28 p.m. · 70 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...

5.9 CVSS · 6.6 AI score · 0.02211 EPSS
Exploits 2 · References 3

Tenable Nessus
added 2023/10/10 12:0 a.m. · 32 views

RHEL 9 : curl (RHSA-2023:5598)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5598 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...

5.9 CVSS · 6.6 AI score · 0.02211 EPSS
Exploits 2 · References 7

OSV
added 2023/09/24 10:16 p.m. · 32 views

MGASA-2023-0263 Updated curl packages fix security vulnerability

TELNET option IAC injection. CVE-2023-27533 SFTP path resolving discrepancy. CVE-2023-27534 FTP too eager connection reuse. CVE-2023-27535 GSS delegation too eager connection re-use. CVE-2023-27536 HSTS double free. CVE-2023-27537 SSH connection too eager reuse still. CVE-2023-27538 UAF in SSH...

9.8 CVSS · 5.9 AI score · 0.62246 EPSS
Exploits 11 · References 17

AlmaLinux
added 2023/08/08 12:0 a.m. · 57 views

Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: GSS delegation too eager connection re-use (CVE-2023-27536); curl: IDN wildcard match may lead to Improper Certificate...

5.9 CVSS · 6.9 AI score · 0.0181 EPSS
Exploits 2 · References 6

RedHat Linux
added 2023/08/01 8:55 a.m. · 49 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

5.9 CVSS · 6.6 AI score · 0.02211 EPSS
Exploits 2 · References 3

RedhatCVE
added 2023/05/17 9:27 a.m. · 29 views

CVE-2023-28321

A flaw was found in the Curl package. An incorrect International Domain Name (IDN) wildcard match may lead to improper certificate validation...

5.9 CVSS · 6.2 AI score · 0.0181 EPSS
Exploits 1 · References 4

CNNVD
added 2023/05/17 12:0 a.m. · 1 views

curl trust management issue vulnerability

curl is a tool used to transfer data from or to a server. A security vulnerability exists in curl, which stems from an IDN wildcard match that could lead to incorrect certificate validation...

5.9 CVSS · 6.3 AI score · 0.0181 EPSS
Exploits 1 · References 29

FreeBSD
added 2023/03/21 12:0 a.m. · 45 views

curl -- multiple vulnerabilities

Wei Chong Tan, Harry Sintonen, and Hiroki Kurosawa reports: This update fixes 4 security vulnerabilities: Medium CVE-2023-28319: UAF in SSH sha256 fingerprint check. Reported by Wei Chong Tan on 2023-03-21 Low CVE-2023-28320: siglongjmp race condition. Reported by Harry Sintonen on 2023-04-02 Low...

7.5 CVSS · 7 AI score · 0.02658 EPSS
Exploits 4 · References 4

Tenable Nessus
added 2021/10/28 12:0 a.m. · 35 views

F5 Networks BIG-IP : cURL vulnerability (K61186963)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by a vulnerability as referenced in the K61186963 advisory. curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP...

7.5 CVSS · 6.9 AI score · 0.09917 EPSS
Exploits 1 · References 2

Tenable Nessus
added 2021/03/10 12:0 a.m. · 44 views

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-1596)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - Vulnerability Summary for CVE-2020-8169 (CVE-2020-8169) - Vulnerability Summary for CVE-2020-8177 (CVE-2020-8177) - Expired pointer...

7.8 CVSS · 6.9 AI score · 0.09917 EPSS
Exploits 5 · References 6

Tenable Nessus
added 2021/03/10 12:0 a.m. · 33 views

EulerOS Virtualization 3.0.6.6 : curl (EulerOS-SA-2021-1466)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match...

7.5 CVSS · 6.7 AI score · 0.09917 EPSS
Exploits 2 · References 3

OpenVAS
added 2021/03/05 12:0 a.m. · 21 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1466)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS · 7.9 AI score · 0.09917 EPSS
Exploits 2 · References 2

Tenable Nessus
added 2021/03/04 12:0 a.m. · 36 views

EulerOS Virtualization for ARM 64 3.0.6.0 : curl (EulerOS-SA-2021-1548)

According to the versions of the curl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verificatio...

7.5 CVSS · 6.8 AI score · 0.09917 EPSS
Exploits 2 · References 3

Tenable Nessus
added 2021/01/20 12:0 a.m. · 38 views

EulerOS 2.0 SP3 : curl (EulerOS-SA-2021-1063)

According to the version of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. (CVE-2020-8285)...

7.5 CVSS · 6.8 AI score · 0.09917 EPSS
Exploits 1 · References 2

OpenVAS
added 2021/01/08 12:0 a.m. · 28 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1003)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS · 7.9 AI score · 0.09917 EPSS
Exploits 2 · References 2

Tenable Nessus
added 2021/01/04 12:0 a.m. · 35 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2021-1022)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match...

7.5 CVSS · 6.8 AI score · 0.09917 EPSS
Exploits 2 · References 3